Lucene search
K

96 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-6683

FatFs R0.16 and earlier contains a divide-by-zero in exFAT sync logic bug when crafted metadata causes nfatent - 2 to be zero during write/sync operations. This maps to CWE-369 Divide By Zero. Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 4.6, Medium. Network-delivered...

4.6CVSS0.00205EPSS
Exploits2References4
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-13526 SourceCodester Class and Exam Timetabling System edit_class.php sql injection

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editclass.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

7.5CVSS0.00263EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.12 views

PT-2026-49167

A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function actionGetPatientById of the file appmodulesmedicalportrestcontrollersPatientController.php of the component HTTP REST API. The manipulation of the argument ID results ...

5.3CVSS5.1AI score0.00226EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 3:30 a.m.8 views

CVE-2026-11484

A weakness has been identified in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /archive3.php. This manipulation of the argument sy causes sql injection. The attack may be initiated remotely. The exploit has been made available to the public an...

7.5CVSS7AI score0.00275EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-9550

A vulnerability was determined in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. Affected by this issue is some unknown functionality of the file /SubstationWEBV2/app/..;/main/upfile. Executing a manipulation of the argument path can lead to path traversal...

7.5CVSS6.8AI score0.00519EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/02 11:45 p.m.9 views

CVE-2026-10692 johnhuang316 code-index-mcp search_code_advanced is_safe_regex_pattern redos

A weakness has been identified in johnhuang316 code-index-mcp up to 2.14.0. Affected is the function issaferegexpattern of the component searchcodeadvanced. Executing a manipulation of the argument regex can lead to inefficient regular expression complexity. It is possible to launch the attack...

5.3CVSS5.4AI score0.0031EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.20 views

PT-2026-45606

A security vulnerability has been detected in Enderfga claw-orchestrator up to 3.7.0. The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-server.ts of the component Session Grep Endpoint. The manipulation of the argument body.pattern leads to inefficient...

5.3CVSS5.4AI score0.00354EPSS
Exploits0References10
NVD
NVD
added 2026/05/25 5:16 a.m.10 views

CVE-2026-9427

A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submit-url causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS0.00445EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/25 5:15 a.m.41 views

CVE-2026-9429 Tenda F1202 WrlExtraSet formWrlExtraSet stack-based overflow

A vulnerability was found in Tenda F1202 1.2.0.20408. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS0.00579EPSS
Exploits0References5
CVE
CVE
added 2026/05/24 9:45 a.m.27 views

CVE-2026-9371

CVE-2026-9371 affects ItzCrazyKns Vane up to 1.12.1, specifically the API route.ts functionality where a missing authentication check exists. The vulnerability arises from missing authentication in that component, enabling remote manipulation. The issue is described as having a high attack comple...

6.3CVSS5.2AI score0.00437EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/18 1:15 a.m.7 views

CVE-2026-8779

A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...

5.3CVSS5.4AI score0.00303EPSS
Exploits0References7
CVE
CVE
added 2026/05/05 5:45 p.m.33 views

CVE-2026-7853

CVE-2026-7853 affects D-Link DI-8100 with firmware 16.07.26A1. The weakness lies in the HTTP Handler’s /auto_reboot.asp, where the function sprintf mishandles the enable/time argument, causing a buffer overflow. This design flaw enables remote exploitation, and public exploit access is indicated ...

10CVSS7.7AI score0.01515EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/03 11:15 p.m.6 views

CVE-2026-7710

A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication. Remote...

7.5CVSS6.7AI score0.00405EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/05/03 10:45 p.m.35 views

CVE-2026-7708 Open5GS UDR subscription.c ogs_dbi_subscription_data denial of service

A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsdbisubscriptiondata in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supiid causes denial of service. The attack may be initiated remotely. The exploit has...

5.3CVSS0.00276EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/26 1:45 p.m.34 views

CVE-2026-7045 baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

6.5CVSS0.00237EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/04/20 10:30 a.m.4 views

CVE-2026-6630 Tenda F451 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow

A vulnerability was found in Tenda F451 1.0.0.7cnsvn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS7.8AI score0.00447EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/10 12:0 a.m.2 views

Unity Linux 20.1070e Security Update: binutils (UTSA-2026-007090)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007090 advisory. A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfdelfsetgroupcontents of the file...

7.8CVSS5.2AI score0.00172EPSS
Exploits0References4
NVD
NVD
added 2026/04/06 10:16 a.m.6 views

CVE-2026-5643

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS0.00206EPSS
Exploits0References5
NVD
NVD
added 2026/04/05 2:16 p.m.4 views

CVE-2026-5569

A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been made public and coul...

9.8CVSS0.00448EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.8 views

PT-2026-29639

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.26 Description A flaw exists in Nothings stb, specifically within the TTF File Handler component, impacting the stbtt InitFont internal function in the stb truetype.h library. A manipulation of the function can le...

8.8CVSS5.6AI score0.00664EPSS
Exploits1References12
Rows per page
Query Builder